Vulnerability Description
An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yokogawa | Exaopc | >= r1.01.00, <= r3.77.00 |
| Yokogawa | Exaplog | >= r1.10.00, <= r3.30.00 |
| Yokogawa | Exaquantum | >= r1.10.00, <= r3.02.00 |
| Yokogawa | Exaquantum\/Batch | >= r1.01.00, <= r2.50.40 |
| Yokogawa | Exarqe | All versions |
| Yokogawa | Exasmoc | All versions |
| Yokogawa | Ga10 | >= r1.01.01, <= r3.05.01 |
| Yokogawa | Insightsuiteae | >= r1.01.00, <= r1.06.00 |
Related Weaknesses (CWE)
References
- http://jvn.jp/vu/JVNVU98228725/index.htmlThird Party Advisory
- https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisoVendor Advisory
- http://jvn.jp/vu/JVNVU98228725/index.htmlThird Party Advisory
- https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisoVendor Advisory
FAQ
What is CVE-2019-6008?
CVE-2019-6008 is a vulnerability with a CVSS score of 7.8 (HIGH). An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/...
How severe is CVE-2019-6008?
CVE-2019-6008 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6008?
Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Exaopc, Yokogawa Exaplog, Yokogawa Exaquantum, Yokogawa Exaquantum\/Batch, Yokogawa Exarqe.